redline | c3e0549cd76ceabab50401d72e23ab89b43c2e82e262aa1deaa9bf16a1aa5be9 | Triage

Submit
Reports

Overview

overview

Static

static

3

652174b7fa...18.exe

windows7-x64

652174b7fa...18.exe

windows10-2004-x64

Sharing

General

Target

652174b7fa6945f30bc078d39ba1d048_JaffaCakes118
Size

328KB
Sample

241021-b759navalm
MD5

652174b7fa6945f30bc078d39ba1d048
SHA1

f1ac626f2d149b0967956d4ba0300e55f344453b
SHA256

c3e0549cd76ceabab50401d72e23ab89b43c2e82e262aa1deaa9bf16a1aa5be9
SHA512

85cdfe0c21b768e60dab2b52be4877167a87487243b360efcfeadb83e7f8b98ccabb9a53bac565730c7518f19d5e8c4c93ef24296029c736e5cec993592c6a11
SSDEEP

3072:x4fEG/iBfTt4lMktRt0Q7EkoQQLs0Whmo9K/+TiC35isMs8bSwKARqso9CX5Lh7Z:uixGby6eLPWkoK4vfR6qWN+WWCIwJIr

Score

10^/10

redline sectoprat sewpalpadin discovery infostealer rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

652174b7fa6945f30bc078d39ba1d048_JaffaCakes118.exe

Resource

win7-20240903-en

redline sectoprat sewpalpadin discovery infostealer rat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

652174b7fa6945f30bc078d39ba1d048_JaffaCakes118.exe

Resource

win10v2004-20241007-en

redline sectoprat sewpalpadin discovery infostealer rat trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

SewPalpadin

C2

185.215.113.114:8887

Targets

- Target
  
  652174b7fa6945f30bc078d39ba1d048_JaffaCakes118
- Size
  
  328KB
- MD5
  
  652174b7fa6945f30bc078d39ba1d048
- SHA1
  
  f1ac626f2d149b0967956d4ba0300e55f344453b
- SHA256
  
  c3e0549cd76ceabab50401d72e23ab89b43c2e82e262aa1deaa9bf16a1aa5be9
- SHA512
  
  85cdfe0c21b768e60dab2b52be4877167a87487243b360efcfeadb83e7f8b98ccabb9a53bac565730c7518f19d5e8c4c93ef24296029c736e5cec993592c6a11
- SSDEEP
  
  3072:x4fEG/iBfTt4lMktRt0Q7EkoQQLs0Whmo9K/+TiC35isMs8bSwKARqso9CX5Lh7Z:uixGby6eLPWkoK4vfR6qWN+WWCIwJIr
Score

10^/10

redline sectoprat sewpalpadin discovery infostealer rat trojan
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- SectopRAT
  SectopRAT is a remote access trojan first seen in November 2019.
  trojan rat sectoprat
- SectopRAT payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinesectopratsewpalpadindiscoveryinfostealerrattrojan

behavioral2

redlinesectopratsewpalpadindiscoveryinfostealerrattrojan

© 2018-2025

Terms | Privacy